An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:31
Type | Values Removed | Values Added |
---|---|---|
References | () https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download= - Vendor Advisory |
Information
Published : 2023-05-15 10:15
Updated : 2024-11-21 07:31
NVD link : CVE-2022-47390
Mitre link : CVE-2022-47390
CVE.ORG link : CVE-2022-47390
JSON object : View
Products Affected
codesys
- control_for_raspberry_pi_sl
- development_system_v3
- control_for_empc-a\/imx6_sl
- control_rte_\(for_beckhoff_cx\)_sl
- control_rte_\(sl\)
- control_for_pfc100_sl
- control_runtime_system_toolkit
- safety_sil2_psp
- hmi_\(sl\)
- control_for_linux_sl
- safety_sil2_runtime_toolkit
- control_for_wago_touch_panels_600_sl
- control_for_pfc200_sl
- control_for_iot2000_sl
- control_win_\(sl\)
- control_for_plcnext_sl
- control_for_beaglebone_sl
CWE
CWE-787
Out-of-bounds Write